Protect Glass Production Chemicals from Use in a Terrorist Attack

Overview

From windows and glassware, to smartphone screens and semiconductors, glass products are indispensable to our modern way of life. The glass industry uses a variety of chemicals throughout the manufacturing process of these glass products. In the wrong hands, however, some of these same chemicals can be used for great harm.

What Is CFATS? In 2006, Congress authorized the U.S. Department of Homeland Security (DHS) to establish the Chemical Facility Anti-Terrorism Standards (CFATS) program. Managed by the Cybersecurity and Infrastructure Security Agency (CISA), the CFATS program identifies and regulates high-risk chemical facilities to ensure that security measures are in place that reduce the risk of certain chemicals being weaponized. Appendix A of the CFATS regulation lists more than 300 chemicals of interest (COI) and their respective screening threshold quantity (STQ), concentration, and security issues. If released, stolen or diverted, and/or used as a contaminant, these COI have the potential to cause significant loss of human life and/or health consequences. Any individual or facility in possession of COI that meets or exceeds the STQ and concentration must report those chemicals to CISA through an online survey called a Top-Screen.

COI Commonly Found in Glass Production Facilities Glass and glass product manufacturing facilities that use COI to make products—e.g., flat glass, blown glass, glassware, glass container, electronic component, and etch glass—are considered chemical facilities under CFATS and may be subject to its regulations. Some of the commonly reported COI include, but are not limited to:

• Bromine chloride • Potassium nitrate • Chlorine • Propane • Hydrofluoric acid (conc. of 50% or greater) • Sodium nitrate • Hydrogen fluoride (anhydrous) • Sulfur dioxide (anhydrous) • Hydrogen peroxide (conc. of 35% or greater) • Titanium tetrachloride • Nitric acid If a facility possesses any COI at or above the STQ listed in Appendix A, the facility must submit a Top- Screen within 60 days of coming into possession of the COI. See 6 CFR § 27.210(a)(1)(i). Review the Appendix A COI List at cisa.gov/publication/cfats-coi-list.

CISA | DEFEND TODAY, SECURE TOMORROW cisa.gov/cfats [email protected] Linkedin.com/company/cisagov @CISAgov | @cyber | @uscert_gov Facebook.com/CISA @cisagov

Protect Glass Production Chemicals from Use in a Terrorist Attack

CFATS Exclusions

Certain facilities are excluded from the CFATS regulation by statute (6 USC § 621(4)) if they are:

• A Public Water System under the Safe Drinking Water Act. • A Treatment Works under the Federal Water Pollution Control Act. • Regulated by the U.S. Coast Guard under the Maritime Transportation Security Act (MTSA). • Regulated by the Nuclear Regulatory Commission (NRC) or by a state with an NRC agreement. • Owned or operated by the Department of Defense or Energy.

What’s Next? If the facility possesses COI at or above the STQ and concentration listed in Appendix A and is not statutorily excluded from CFATS, the next steps are:

• Complete the Chemical-terrorism Vulnerability Information (CVI) Authorized User Training to begin the process of reporting COI: cisa.gov/cvi-authorized-user-training. • Register for a Chemical Security Assessment Tool (CSAT) account to access the Top-Screen survey: csat-registration.dhs.gov. • Fill out a Top-Screen in CSAT to report COI to CISA: csat.dhs.gov/industry. • Based on the submitted information, CISA assesses the overall risk of the facility. • Facilities assessed as “high-risk” are required to submit a Security Vulnerability Assessment and security plan tailored to the unique security challenges and risks associated with their COI. More than 150 CISA Chemical Security Inspectors are located nationwide to assist high-risk facilities in selecting security measures that comply with the CFATS regulation.

Failure to Submit a Top-Screen CISA is committed to helping facility personnel understand and comply with CFATS by providing technical assistance or onsite consultation. However, CISA has the authority to enforce compliance with the program. This can include issuing civil monetary penalties to facilities that fail to submit a Top-Screen or that are found to be in violation of any aspect of the CFATS regulations (6 USC § 624). Learn more at cisa.gov/cfats-enforcement.

Tools and Resources

• CFATS Resources: cisa.gov/cfats-resources

• CFATS Process: cisa.gov/cfats-process

• CFATS Appendix A COI List: cisa.gov/publication/cfats-coi-list

• Chemical Security Assessment Tool (CSAT): cisa.gov/chemical-security-assessment-tool

• Request a CFATS Presentation: cisa.gov/request-cfats-presentation

• Request a Compliance Assistance Visit: cisa.gov/request-compliance-assistance-visit

• CFATS Knowledge Center: csat-help.dhs.gov

• CSAT Help Desk (technical assistance): Call 1-866-323-2957 or email [email protected]

CISA | DEFEND TODAY, SECURE TOMORROW cisa.gov/cfats [email protected] Linkedin.com/company/cisagov @CISAgov | @cyber | @uscert_gov Facebook.com/CISA @cisagov